From patchwork Fri Sep 8 06:49:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Khalid Elmously X-Patchwork-Id: 1831339 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical.com header.i=@canonical.com header.a=rsa-sha256 header.s=20210705 header.b=ii6x9ITw; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RhmvC2vKMz1yh5 for ; Fri, 8 Sep 2023 16:49:59 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1qeVJM-000664-Cz; Fri, 08 Sep 2023 06:49:48 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1qeVJ4-00064S-A4 for kernel-team@lists.ubuntu.com; Fri, 08 Sep 2023 06:49:30 +0000 Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com [209.85.222.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 14A6F3F131 for ; Fri, 8 Sep 2023 06:49:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1694155770; bh=KAJRFvIDynx/Dy/05FbamHKYbzbLbP4e51qfYcBizUg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ii6x9ITwQDt06PHS3V0OwS8KtjU4AyTp1nD3mL4thLajDJnnvOwZXKOqpT2RjbPZY orOZohNa5niXHP3/t9YjvkoU6NtGl9dbe+3XvSNHX8eNPo6UOr0YcBmi9Cxzl+oY1Y tmwVy4Oo0e2st9ykv4jvqmvn6lY/oIzYweST1TxRAqfrbLjM3xwi2rFp9K24jLvmPs IfY+uTxQkVT3ONvlxIntY4af7O10yZUP6k21ro1mprQsZz4lWquFOEKFjnZe0DW90t naw/z/POZU6r0f3jzk+re3G6ViciOI9nncRNNuyDvubzm11BFdY3s0//k47AeM4XO0 3XrR/fyThcPSg== Received: by mail-qk1-f198.google.com with SMTP id af79cd13be357-76dbd860e6fso193877185a.0 for ; Thu, 07 Sep 2023 23:49:30 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694155769; x=1694760569; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KAJRFvIDynx/Dy/05FbamHKYbzbLbP4e51qfYcBizUg=; b=on+0mXXZdeWQwAQvNvHiI9nqetqsCfgkIM29zCY5A5NKFYze612LhNOR7ATYbwy3Ye d5FVPtWpb1IsxuiwBTz2nn0J93Ya30g926bDtR9YYM4N//plADZLrdiqS0BGdmSJm0w8 aKBf3FYLhAxdB0iSwEhaxOyV44zEBy6dGykne9B0bNB8ammseaSlFcHzTLN9AdxpZUB9 g3tAkGuOxS7mS6yQF71L6mSnok1srFEGAWdWYyBUqsqJ6hMP7mmjcvq+kjKusIOkY2Kv fxm3fgEHK80uA7QVBl1BqlZi0Y94CnxFoaE0bobKv1tt+8kLhc1KlPenfTZIMRtnx5l+ v+UQ== X-Gm-Message-State: AOJu0Yyu/0xuUCID6kzOlpRDbGoyGFA7eRCgtevGTbTZYghryi4eeepn QZDm0kS1S1lmrjseTLNqkhkWcPj/LTFn/E8Vp9/V/xD5Q35eeVqRtBeAiIaulcMkh+1tAylxcU1 4HLLr8u2A+JLpp7mKmK7Ymlo5KvaFNq7DM2afiZJAhq7fEv5a6vIZ X-Received: by 2002:a05:620a:29c3:b0:76c:e764:5071 with SMTP id s3-20020a05620a29c300b0076ce7645071mr1941713qkp.55.1694155769129; Thu, 07 Sep 2023 23:49:29 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGjJ8QR17VmlzRv2k1yVbyS83TS8zu5jqAoAt/hyBJPmQ7o6CjFgRp8cPsHOi6Tatgd7f+HVQ== X-Received: by 2002:a05:620a:29c3:b0:76c:e764:5071 with SMTP id s3-20020a05620a29c300b0076ce7645071mr1941702qkp.55.1694155768839; Thu, 07 Sep 2023 23:49:28 -0700 (PDT) Received: from k2.fuzzbuzz.org ([38.147.253.170]) by smtp.gmail.com with ESMTPSA id j28-20020a05620a001c00b007683d78ce4csm364239qki.84.2023.09.07.23.49.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Sep 2023 23:49:28 -0700 (PDT) From: Khalid Elmously To: kernel-team@lists.ubuntu.com Subject: [SRU][L/gcp][PATCH 1/1] x86/sev: Make enc_dec_hypercall() accept a size instead of npages Date: Fri, 8 Sep 2023 02:49:02 -0400 Message-Id: <20230908064903.287209-4-khalid.elmously@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230908064903.287209-1-khalid.elmously@canonical.com> References: <20230908064903.287209-1-khalid.elmously@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Steve Rutherford BugLink: https://bugs.launchpad.net/bugs/2034894 enc_dec_hypercall() accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marked as decrypted via the encryption status hypercall, which in turn caused consistent corruption of pages during live migration. Live migration requires accurate encryption status information to avoid migrating pages from the wrong perspective. Fixes: 064ce6c550a0 ("mm: x86: Invoke hypercall when page encryption status is changed") Signed-off-by: Steve Rutherford Signed-off-by: Ingo Molnar Reviewed-by: Tom Lendacky Reviewed-by: Pankaj Gupta Tested-by: Ben Hillier Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20230824223731.2055016-1-srutherford@google.com Signed-off-by: Khalid Elmously (cherry picked from commit ac3f9c9f1b37edaa7d1a9b908bc79d843955a1a2) --- arch/x86/include/asm/mem_encrypt.h | 6 +++--- arch/x86/kernel/kvm.c | 4 +--- arch/x86/mm/mem_encrypt_amd.c | 13 ++++++------- 3 files changed, 10 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 8f513372cd8d4..c91326593e741 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -50,8 +50,8 @@ void __init sme_enable(struct boot_params *bp); int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size); int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size); -void __init early_set_mem_enc_dec_hypercall(unsigned long vaddr, int npages, - bool enc); +void __init early_set_mem_enc_dec_hypercall(unsigned long vaddr, + unsigned long size, bool enc); void __init mem_encrypt_free_decrypted_mem(void); @@ -84,7 +84,7 @@ early_set_memory_decrypted(unsigned long vaddr, unsigned long size) { return 0; static inline int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) { return 0; } static inline void __init -early_set_mem_enc_dec_hypercall(unsigned long vaddr, int npages, bool enc) {} +early_set_mem_enc_dec_hypercall(unsigned long vaddr, unsigned long size, bool enc) {} static inline void mem_encrypt_free_decrypted_mem(void) { } diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index 1cceac5984daa..526d4da3dcd46 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -966,10 +966,8 @@ static void __init kvm_init_platform(void) * Ensure that _bss_decrypted section is marked as decrypted in the * shared pages list. */ - nr_pages = DIV_ROUND_UP(__end_bss_decrypted - __start_bss_decrypted, - PAGE_SIZE); early_set_mem_enc_dec_hypercall((unsigned long)__start_bss_decrypted, - nr_pages, 0); + __end_bss_decrypted - __start_bss_decrypted, 0); /* * If not booted using EFI, enable Live migration support. diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 9c4d8dbcb1296..6ad7ddf333bc3 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c @@ -288,11 +288,10 @@ static bool amd_enc_cache_flush_required(void) return !cpu_feature_enabled(X86_FEATURE_SME_COHERENT); } -static void enc_dec_hypercall(unsigned long vaddr, int npages, bool enc) +static void enc_dec_hypercall(unsigned long vaddr, unsigned long size, bool enc) { #ifdef CONFIG_PARAVIRT - unsigned long sz = npages << PAGE_SHIFT; - unsigned long vaddr_end = vaddr + sz; + unsigned long vaddr_end = vaddr + size; while (vaddr < vaddr_end) { int psize, pmask, level; @@ -340,7 +339,7 @@ static bool amd_enc_status_change_finish(unsigned long vaddr, int npages, bool e snp_set_memory_private(vaddr, npages); if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) - enc_dec_hypercall(vaddr, npages, enc); + enc_dec_hypercall(vaddr, npages << PAGE_SHIFT, enc); return true; } @@ -464,7 +463,7 @@ static int __init early_set_memory_enc_dec(unsigned long vaddr, ret = 0; - early_set_mem_enc_dec_hypercall(start, PAGE_ALIGN(size) >> PAGE_SHIFT, enc); + early_set_mem_enc_dec_hypercall(start, size, enc); out: __flush_tlb_all(); return ret; @@ -480,9 +479,9 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) return early_set_memory_enc_dec(vaddr, size, true); } -void __init early_set_mem_enc_dec_hypercall(unsigned long vaddr, int npages, bool enc) +void __init early_set_mem_enc_dec_hypercall(unsigned long vaddr, unsigned long size, bool enc) { - enc_dec_hypercall(vaddr, npages, enc); + enc_dec_hypercall(vaddr, size, enc); } void __init sme_early_init(void)